standing

Subscribe to standing

Where others have failed, Alan Claridge did not. Recently, a Federal judge in the Northern District of California declined to dismiss Plaintiff Claridge’s claims arising from a data breach involving the social entertainment site RockYou. Arguing that the data breach harmed the value of his personal information, Plaintiff convinced the court not to dismiss his action for lack of standing.

In Amburgy v. Express Scripts, Inc., Magistrate Judge Frederick R. Buckles of the U.S. District Court for the Eastern District of Missouri held that “plaintiff’s asserted claim of ‘increased-risk-of-harm’ fails to meet the constitutional requirement that a plaintiff demonstrate harm that is ‘actual or imminent, not conjectural or hypothetical.’ Plaintiff has therefore failed to carry his burden of demonstrating that he has standing to bring this suit.”

Where the only “damages” alleged following a data security breach are the costs of credit monitoring, a plaintiff has no case, so ruled the Seventh Circuit on August 23, 2007. The decision dealt another blow to so-called “identity exposure” plaintiffs seeking to recover damages stemming from the unauthorized disclosure of their personal information, as the Seventh Circuit’s ruling joined the unanimous line of lower court decisions denying recovery in the absence of actual, present harm.

In Pisciotta v. Old National Bancorp, — F.3d –, 2007 WL 2389770 (7th Cir. Aug. 23, 2007), the court ruled that “Indiana law would not recognize the costs of credit monitoring that the plaintiffs seek to recover in this case as compensable damages.” Id. at *6. In doing so, the Seventh Circuit joins a chorus of federal district courts that uniformly reject such costs as a form of cognizable injury sufficient to support legal claims for damages.